CVE-2024-32870
Published 2024-11-05

Priority: P1 (79) · Severity: medium · CVSS 3.1 base score: 5.8
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Exploited in the wild (VulnCheck KEV)
EPSS: 0.73% (49.7th percentile)
Combodo iTop is a simple, web based IT Service Management tool. Server, OS, DBMS, PHP, and iTop info (name, version and parameters) can be read by anyone having access to iTop URI. This issue has been patched in versions 2.7.11, 3.0.5, 3.1.2, and 3.2.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Affected (5 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| combodo | itop | < 2.7.11 | 2.7.11 |
| combodo | itop | — | — |
| combodo | itop | — | — |
| combodo | itop | >= 3.0.0 < 3.0.5 | 3.0.5 |
| combodo | itop | >= 3.1.0 < 3.1.2 | 3.1.2 |
Detection & IOCs (extracted from sources)
- HTTP GET request to the vulnerable endpoint returns a 200 response containing sensitive configuration keywords in the body, indicating successful information disclosure.
- Response body contains the strings 'database_settings', 'database_version', and 'instance_host' (all present simultaneously), confirming exploitation of the information disclosure vulnerability.
- No authentication is required; the endpoint is accessible to any unauthenticated user with network access to the iTop URI.
- The vulnerability is present in iTop versions prior to the patched releases; detection is only relevant against unpatched instances (before 2.7.11, 3.0.5, 3.1.2, and 3.2.0).
CVSS provenance
- NVD (v3.1): 5.8 MEDIUM, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
- VulnCheck: 5.8 MEDIUM
No detection rules found.
Nuclei

CVE-2024-32870 [MEDIUM] iTop Hub Connector - Information Disclosure (nuclei, CVSS 5.8)

Combodo iTop is a simple, web based IT Service Management tool. Server, OS, DBMS, PHP, and iTop info (name, version and parameters) can be read by anyone having access to iTop URI. This issue has been patched in versions 2.7.11, 3.0.5, 3.1.2, and 3.2.0.

Template:

```yaml
id: CVE-2024-32870
info:
  name: iTop Hub Connector - Information Disclosure
  author: DhiyaneshDk
  severity: medium
  description: |
    Combodo iTop is a simple, web based IT Service Management tool. Server, OS, DBMS, PHP, and iTop info (name, version and parameters) can be read by anyone having access to iTop URI. This issue has been patched in versions 2.7.11, 3.0.5, 3.1.2, and 3.2.0.
  impact: |
    Unauthenticated attackers can access sensitive server, database, and iTop configuration informati
```
No writeups or analysis indexed.